Principal Security Consultant, Governance

Presidio, Where Teamwork and Innovation Shape the Future
AtPresidio, we're at the forefront of a global technology revolution, transforming industries throughcutting-edge digital solutions and next-generation AI. We empower businesses-and their customers-to achieve more through innovation, automation, and intelligent insights.

The Role
Reporting to the Cybersecurity Delivery Manager, a Principal Security Consultant, Governance is expected to have a deep level of expertise and vast knowledge base in core information security governance, risk, compliance, and privacy domains. It is critical that a Principal Security Consultant be able to present complex solutions and topics in a concise manner. The consultant must be comfortable blending multiple service offerings and deliverables into a single aggregate final risk report/deliverable and executive presentation for audiences of all levels and skillsets.

The ideal consultant will have experience in reviewing, understanding, and interpreting risk management and compliance frameworks, security standards, and privacy models. The consultant must have a professional and practical understanding of Information Technology, including how technical and administrative controls are implemented across various industry verticals and company sizes. The candidate should be well versed in assessing said controls, understand how controls should be governed, and be able to assist in the strategic development of aligning security goals to business objectives.

Travel Requirements:

This is a remote role within the Continental United States and will require 30% travel to client locations to deliver professional services when needed.

• Lead client engagements and project execution providing information security consultation and assessment services, helping our clients meet their compliance obligations by evaluating their business, technology, and operations against industry security standards.
• Educate, mentor, advise, and share your expertise with clients and colleagues to aid in making decisions on topics like organizational security strategy and services scope as well provide consultative guidance on complex projects.
• Providing clear, organized findings and recommendations to clients and tracking progress towards resolution and compliance.
• Consult/advise with C-level Security Leaders (CISO, CSO, CIO, etc.) and the Board of Directors with our most valued and strategic clients.
• Develop strategic, operational, and tactical recommendations tailored to each client with the intent to improve a client's security posture and compliance position.
• Create detailed strategic security roadmaps with short-term, mid-term, and long-term goals that prioritize remediation recommendations and address all instances of non-compliance with applicable regulatory, statutory, contractual, and organizational obligations.
• Lead large security engagements in concert with other cybersecurity practices and Presidio teams.
• Develop security policies, standards, and procedures that are custom-tailored to each client's unique culture, security goals, and organizational objectives using industry best practices and compliance requirements.
• Review, analyze, and assess key factors, including inherent risk, mitigating controls, business impact, likelihood and other key elements to determine organizational security risk.
• Ensure and assess client alignment to, and/or compliance with, applicable regulatory, federal, state, local, contractual, and organizational requirements and best practices standards such as ISO 27001, NIST Cyber Security Framework (CSF), PCI DSS, HIPAA, FERPA, NIST 800-171, CMMC, etc.
• Work closely with organizations to conduct security program development by establishing the foundation for a best of breed security program architecture reference model using industry frameworks and standards such as ISO 27001, NIST 800-53, NIST CSF, etc.
• Work with other seasoned Principal Security Consultants in a collaborative setting to support and assist on the execution and delivery of key services such as Cloud Governance, Advisory Services, security program development, documentation review, and security consulting services.
• Execute tabletop exercises after collaborating with client stakeholders to select the scenario then create an After Action Report.
• Assist leadership in cybersecurity administrative functions, such as documentation maintenance, documentation creation, peer review, and other internal cybersecurity activities.

Core Communication Skills

• Listening




• Understand and interpret client stakeholder needs across audiences, e.g., executive, legal, IT leadership, information security




• Asking




• Uncover underlying issues and requirements through in-depth inquiry and insightful questioning to facilitate meaningful discussions




• Translating




• Simplify and contextualize technical concepts, threats, and insights into business-relevant terms aligned with communicated priorities




• Communicating




• Strong verbal and written communication skills
• Articulate information risk to non-technical executives and other stakeholders in business-relevant terms

Required Skills and Professional Experience:

• Bachelor's degree or the equivalent work experience and/or military experience
• We seek 5-8 years previous consulting experience.
• Minimum of 5 years conducting Information Security risk and compliance assessments.
• Minimum of 5 years evaluating compliance with regulatory and key IT standards such as HIPAA, PCI DSS, NIST CSF, ISO 27001, and other similar standards/frameworks.
• Cloud experience with AWS, Azure or Google Cloud Platform or non-foundational certification for any of these cloud platforms or one of the following cloud agnostic certifications: Certified Cloud Security Professional (CCSP), Certificate of Cloud Security Knowledge (CCSK), GIAC Cloud Security Essentials (GCLD)
• Current information security certifications (e.g., CISSP, CGRC, ISSMP, CISA, CISM, GSNA, C|CISO, ISO 27001 Lead Implementer, ISO 27001 Leader Auditor, CMMC Registered Practitioner)

Your future at Presidio
JoiningPresidiomeans stepping into aculture of trailblazers-thinkers, builders, and collaborators-who push the boundaries of what's possible. With our expertise inAI-driven analytics, cloud solutions, cybersecurity, and next-gen infrastructure, we enable businesses to stay ahead in an ever-evolving digital world.
Here,your impact is real.Whether you're harnessing the power ofGenerative AI, architecting resilientdigital ecosystems, or drivingdata-driven transformation, you'll be part of a team that is shaping the future.

Ready to innovate? Let's redefine what's next-together.

About Presidio
Presidio is committed to hiring the most qualified candidates to join our amazing culture. We aim to attract and hire top talent from all backgrounds, including underrepresented and marginalized communities. We encourage women, people of color, people with disabilities, and veterans to apply for open roles at Presidio. Diversity of skills and thought is a key component to our business success.

At Presidio, speed and quality meet technology and innovation. Presidio is a trusted ally for organizations across industries with a decades-long history of building traditional IT foundations and deep expertise in AI and automation, security, networking, digital transformation, and cloud computing. Presidio fills gaps, removes hurdles, optimizes costs, and reduces risk. Presidio's expert technical team develops custom applications, provides managed services, enables actionable data insights and builds forward-thinking solutions that drive strategic outcomes for clients globally. For more information, visit www.presidio.com

*****

Applications will be accepted on a rolling basis.

Presidio is an Equal Opportunity / Affirmative Action Employer / VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, sexual orientation, gender identification or any other characteristic protected by applicable federal, state and local statutes, regulations and ordinances.

To read more about discrimination protections under Federal Law, please visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf

If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to recruitment@presidio.com for assistance.

Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to recruitment@presidio.com.

Notice to Massachusetts Candidates: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Recruitment Agencies, Please Note: Presidio does not accept unsolicited agency resumes/CVs. Do not forward resumes/CVs to our careers email address, Presidio employees or any other means. Presidio is not responsible for any fees related to unsolicited resumes/CVs.

#LI-PH1